GM Financial
AVP Cybersecurity
GM Financial, Irving, Texas, United States, 75084
Overview
Hybrid work environment; 4 days in office and 1 day remoteWhy Cybersecurity at GM Financial?
The GMF Cybersecurity team is tasked with the security engineering, regulatory response, third party risk, and incident response capabilities necessary to secure GM Financial, the captive auto finance subsidiary of General Motors. Reporting directly to the CEO, our Cybersecurity team enjoys unprecedented support to deliver the highest level of security capabilities using cutting edge technologies and automating mundane tasks, allowing our teams to focus on interesting and rewarding security work. As a part of GM, you’ll have the opportunity to work on Cybersecurity projects across financial services, automotive, manufacturing, high-tech, and military industries. We are looking for team players who want the freedom to innovate leading edge capabilities to join our growing Cybersecurity team.The AVP of Cyber Architecture leads a team of skilled Cyber Architects, overseeing the design and implementation of security controls for new systems and technologies. This team is responsible for ensuring all security requirements are met, aligning with regulatory standards and organizational goals. The AVP collaborates with stakeholders across the business and with Architecture, Engineering, and Operations teams throughout Cyber, IT, and Digital to define security strategies, guide architecture decisions, and assess risks. The ideal candidate will bring expertise in cybersecurity frameworks, cloud and hybrid environments, and a deep understanding of emerging technologies to drive secure innovation and resilient infrastructure through strong leadership and effective team management.Responsibilities
About the role:Leads Cybersecurity Operations group and is responsible for engineer talent managementCoordinate with Senior IT Security leaders to set direction and operation of the groupPrepares roadmaps, guidelines and direction for the departmentPreparing technical requirements, standards, manage project assignment and delegate tasks as neededIdentify, engineer and design security technologies including, but not limited to: Security Incident and Event Managers (SIEM) and threat intelligence solutions, Web filtering (proxy, network AV), Intrusion Detection and Prevention Systems (IDS/IPS), Endpoint security solutions, Data Loss Prevention (DLP), Vulnerability Management (VM), Threat Intelligence and Threat Detection, Web Application Firewalls (WAF), Email Gateways, Breach Mitigation, Certificate Management, SSL encryption and decryption, Identity Management, Cloud Security, Database Security, Web Gateways and VPNs and FirewallsCommunicate critical threats and remediation efforts for the enterpriseProvide in-depth support for information security incidents including internal violations, hacker attacks, virus and system outagesPrepare and update information procedures, standards and/or other technical requirement documentsAct as a technical resource to department management and others within the company who are seeking more information about securityDevelop detailed proposals and plans for new information security systems that would enhance or enable new capabilities for network or host systemsPerform other duties as assigned and conform with all company policies and proceduresQualifications
What makes you an ideal candidate:Advanced knowledge in infrastructure design and management, local and wide area networking concepts, principles and protocolsStrong working knowledge of Intel platforms, iSeries and pSeries servers, IT Service Management (ITSM) best practices and processes, experience with UML Design Tools, TCP/IP, OSI model and subnettingUnderstanding of routing and switching protocols as they relate to load balancingStrong understanding of application layer protocols including HTTP, SSH, SSL and DNSKnowledge and stay abreast on the latest security and privacy legislation, regulations, advisories, alerts and vulnerabilitiesKnowledge of IT security processes and controls as well as IT infrastructure and networking technical knowledgeMust have demonstrable experience supporting security requirements of a large, global enterprise environmentAbility to apply structured analysis methods to various types of data to establish trends, determine variability and business impactExperience with alternate management methods using SSH, serial connections and the command-line interface TMSHAdvanced information security standards/frameworks (ie, NIST Cybersecurity Framework, ISO 27001) skillsEducation
Bachelor’s Degree or equivalent experience preferredExperience
6 years of experience in large and complex related business environments with a successful track record working directly with senior level management required5-7 years of experience in one or more of the following domains: Cybersecurity, Information Security, Security Architecture and Design, Security Governance and Risk Management, Security Engineering and Operations, IT or Security Audit, and Security, Legal, and Regulatory Compliance requiredLicenses
Information Security Certifications preferredWhat We Offer:
Generous benefits package available on day one to include: 401K matching, bonding leave for new parents (12 weeks, 100% paid), training, GM employee auto discount, community service pay and nine company holidays.Our Culture:
Our team members define and shape our culture. We have an environment that welcomes new ideas, fosters integrity, and creates a sense of community and belonging. Here we do more than work — we thrive.Compensation:
Competitive salary and bonus eligibility; this role is eligible for company vehicle program.Work Life Balance:
Flexible hybrid work environment, 4-days a week in office.#LI-WB1
#J-18808-Ljbffr
Hybrid work environment; 4 days in office and 1 day remoteWhy Cybersecurity at GM Financial?
The GMF Cybersecurity team is tasked with the security engineering, regulatory response, third party risk, and incident response capabilities necessary to secure GM Financial, the captive auto finance subsidiary of General Motors. Reporting directly to the CEO, our Cybersecurity team enjoys unprecedented support to deliver the highest level of security capabilities using cutting edge technologies and automating mundane tasks, allowing our teams to focus on interesting and rewarding security work. As a part of GM, you’ll have the opportunity to work on Cybersecurity projects across financial services, automotive, manufacturing, high-tech, and military industries. We are looking for team players who want the freedom to innovate leading edge capabilities to join our growing Cybersecurity team.The AVP of Cyber Architecture leads a team of skilled Cyber Architects, overseeing the design and implementation of security controls for new systems and technologies. This team is responsible for ensuring all security requirements are met, aligning with regulatory standards and organizational goals. The AVP collaborates with stakeholders across the business and with Architecture, Engineering, and Operations teams throughout Cyber, IT, and Digital to define security strategies, guide architecture decisions, and assess risks. The ideal candidate will bring expertise in cybersecurity frameworks, cloud and hybrid environments, and a deep understanding of emerging technologies to drive secure innovation and resilient infrastructure through strong leadership and effective team management.Responsibilities
About the role:Leads Cybersecurity Operations group and is responsible for engineer talent managementCoordinate with Senior IT Security leaders to set direction and operation of the groupPrepares roadmaps, guidelines and direction for the departmentPreparing technical requirements, standards, manage project assignment and delegate tasks as neededIdentify, engineer and design security technologies including, but not limited to: Security Incident and Event Managers (SIEM) and threat intelligence solutions, Web filtering (proxy, network AV), Intrusion Detection and Prevention Systems (IDS/IPS), Endpoint security solutions, Data Loss Prevention (DLP), Vulnerability Management (VM), Threat Intelligence and Threat Detection, Web Application Firewalls (WAF), Email Gateways, Breach Mitigation, Certificate Management, SSL encryption and decryption, Identity Management, Cloud Security, Database Security, Web Gateways and VPNs and FirewallsCommunicate critical threats and remediation efforts for the enterpriseProvide in-depth support for information security incidents including internal violations, hacker attacks, virus and system outagesPrepare and update information procedures, standards and/or other technical requirement documentsAct as a technical resource to department management and others within the company who are seeking more information about securityDevelop detailed proposals and plans for new information security systems that would enhance or enable new capabilities for network or host systemsPerform other duties as assigned and conform with all company policies and proceduresQualifications
What makes you an ideal candidate:Advanced knowledge in infrastructure design and management, local and wide area networking concepts, principles and protocolsStrong working knowledge of Intel platforms, iSeries and pSeries servers, IT Service Management (ITSM) best practices and processes, experience with UML Design Tools, TCP/IP, OSI model and subnettingUnderstanding of routing and switching protocols as they relate to load balancingStrong understanding of application layer protocols including HTTP, SSH, SSL and DNSKnowledge and stay abreast on the latest security and privacy legislation, regulations, advisories, alerts and vulnerabilitiesKnowledge of IT security processes and controls as well as IT infrastructure and networking technical knowledgeMust have demonstrable experience supporting security requirements of a large, global enterprise environmentAbility to apply structured analysis methods to various types of data to establish trends, determine variability and business impactExperience with alternate management methods using SSH, serial connections and the command-line interface TMSHAdvanced information security standards/frameworks (ie, NIST Cybersecurity Framework, ISO 27001) skillsEducation
Bachelor’s Degree or equivalent experience preferredExperience
6 years of experience in large and complex related business environments with a successful track record working directly with senior level management required5-7 years of experience in one or more of the following domains: Cybersecurity, Information Security, Security Architecture and Design, Security Governance and Risk Management, Security Engineering and Operations, IT or Security Audit, and Security, Legal, and Regulatory Compliance requiredLicenses
Information Security Certifications preferredWhat We Offer:
Generous benefits package available on day one to include: 401K matching, bonding leave for new parents (12 weeks, 100% paid), training, GM employee auto discount, community service pay and nine company holidays.Our Culture:
Our team members define and shape our culture. We have an environment that welcomes new ideas, fosters integrity, and creates a sense of community and belonging. Here we do more than work — we thrive.Compensation:
Competitive salary and bonus eligibility; this role is eligible for company vehicle program.Work Life Balance:
Flexible hybrid work environment, 4-days a week in office.#LI-WB1
#J-18808-Ljbffr